NotificationsYou must be signed in to change notification settings
Fork1k
Star11.2k

Commitfc20adb

committed

remove dbauthz system usage

1 parentc501cf9 commitfc20adbCopy full SHA for fc20adb

File tree

3 files changed

+24

-23

lines changed

coderd
- coderdtest
  - coderdtest.go
- database/dbauthz
  - dbauthz.go
- notifications/push
  - push.go

3 files changed

+24

-23

lines changed

`‎coderd/coderdtest/coderdtest.go‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -284,7 +284,7 @@ func NewOptions(t testing.TB, options *Options) (func(http.Handler), context.Can`
`284`	`284`
`285`	`285`	`ifoptions.PushNotifier==nil {`
`286`	`286`	`// nolint:gocritic // Gets/sets VAPID keys.`
`287`		`-pushNotifier,err:=push.New(dbauthz.AsSystemRestricted(context.Background()),options.Logger,options.Database)`
	`287`	`+pushNotifier,err:=push.New(dbauthz.AsNotifier(context.Background()),options.Logger,options.Database)`
`288`	`288`	`iferr!=nil {`
`289`	`289`	`panic(xerrors.Errorf("failed to create push notifier: %w",err))`
`290`	`290`	`}`

`‎coderd/database/dbauthz/dbauthz.go‎`

Lines changed: 22 additions & 21 deletions

Original file line number	Diff line number	Diff line change
`@@ -281,8 +281,10 @@ var (`
`281`	`281`	`Identifier: rbac.RoleIdentifier{Name:"notifier"},`
`282`	`282`	`DisplayName:"Notifier",`
`283`	`283`	`Site:rbac.Permissions(map[string][]policy.Action{`
`284`		`-rbac.ResourceNotificationMessage.Type: {policy.ActionCreate,policy.ActionRead,policy.ActionUpdate,policy.ActionDelete},`
`285`		`-rbac.ResourceInboxNotification.Type: {policy.ActionCreate},`
	`284`	`+rbac.ResourceNotificationMessage.Type: {policy.ActionCreate,policy.ActionRead,policy.ActionUpdate,policy.ActionDelete},`
	`285`	`+rbac.ResourceInboxNotification.Type: {policy.ActionCreate},`
	`286`	`+rbac.ResourceNotificationPushSubscription.Type: {policy.ActionCreate,policy.ActionRead,policy.ActionUpdate,policy.ActionDelete},`
	`287`	`+rbac.ResourceDeploymentConfig.Type: {policy.ActionRead,policy.ActionUpdate},// To read and upsert VAPID keys`
`286`	`288`	`}),`
`287`	`289`	`Org:map[string][]rbac.Permission{},`
`288`	`290`	`User: []rbac.Permission{},`
`@@ -317,25 +319,24 @@ var (`
`317`	`319`	`Identifier: rbac.RoleIdentifier{Name:"system"},`
`318`	`320`	`DisplayName:"Coder",`
`319`	`321`	`Site:rbac.Permissions(map[string][]policy.Action{`
`320`		`-rbac.ResourceWildcard.Type: {policy.ActionRead},`
`321`		`-rbac.ResourceApiKey.Type:rbac.ResourceApiKey.AvailableActions(),`
`322`		`-rbac.ResourceGroup.Type: {policy.ActionCreate,policy.ActionUpdate},`
`323`		`-rbac.ResourceAssignRole.Type:rbac.ResourceAssignRole.AvailableActions(),`
`324`		`-rbac.ResourceAssignOrgRole.Type:rbac.ResourceAssignOrgRole.AvailableActions(),`
`325`		`-rbac.ResourceSystem.Type: {policy.WildcardSymbol},`
`326`		`-rbac.ResourceOrganization.Type: {policy.ActionCreate,policy.ActionRead},`
`327`		`-rbac.ResourceOrganizationMember.Type: {policy.ActionCreate,policy.ActionDelete,policy.ActionRead},`
`328`		`-rbac.ResourceProvisionerDaemon.Type: {policy.ActionCreate,policy.ActionRead,policy.ActionUpdate},`
`329`		`-rbac.ResourceUser.Type:rbac.ResourceUser.AvailableActions(),`
`330`		`-rbac.ResourceWorkspaceDormant.Type: {policy.ActionUpdate,policy.ActionDelete,policy.ActionWorkspaceStop},`
`331`		`-rbac.ResourceWorkspace.Type: {policy.ActionUpdate,policy.ActionDelete,policy.ActionWorkspaceStart,policy.ActionWorkspaceStop,policy.ActionSSH},`
`332`		`-rbac.ResourceWorkspaceProxy.Type: {policy.ActionCreate,policy.ActionUpdate,policy.ActionDelete},`
`333`		`-rbac.ResourceDeploymentConfig.Type: {policy.ActionCreate,policy.ActionUpdate,policy.ActionDelete},`
`334`		`-rbac.ResourceNotificationMessage.Type: {policy.ActionCreate,policy.ActionRead,policy.ActionUpdate,policy.ActionDelete},`
`335`		`-rbac.ResourceNotificationPreference.Type: {policy.ActionCreate,policy.ActionUpdate,policy.ActionDelete},`
`336`		`-rbac.ResourceNotificationTemplate.Type: {policy.ActionCreate,policy.ActionUpdate,policy.ActionDelete},`
`337`		`-rbac.ResourceNotificationPushSubscription.Type: {policy.ActionCreate,policy.ActionUpdate,policy.ActionDelete},`
`338`		`-rbac.ResourceCryptoKey.Type: {policy.ActionCreate,policy.ActionUpdate,policy.ActionDelete},`
	`322`	`+rbac.ResourceWildcard.Type: {policy.ActionRead},`
	`323`	`+rbac.ResourceApiKey.Type:rbac.ResourceApiKey.AvailableActions(),`
	`324`	`+rbac.ResourceGroup.Type: {policy.ActionCreate,policy.ActionUpdate},`
	`325`	`+rbac.ResourceAssignRole.Type:rbac.ResourceAssignRole.AvailableActions(),`
	`326`	`+rbac.ResourceAssignOrgRole.Type:rbac.ResourceAssignOrgRole.AvailableActions(),`
	`327`	`+rbac.ResourceSystem.Type: {policy.WildcardSymbol},`
	`328`	`+rbac.ResourceOrganization.Type: {policy.ActionCreate,policy.ActionRead},`
	`329`	`+rbac.ResourceOrganizationMember.Type: {policy.ActionCreate,policy.ActionDelete,policy.ActionRead},`
	`330`	`+rbac.ResourceProvisionerDaemon.Type: {policy.ActionCreate,policy.ActionRead,policy.ActionUpdate},`
	`331`	`+rbac.ResourceUser.Type:rbac.ResourceUser.AvailableActions(),`
	`332`	`+rbac.ResourceWorkspaceDormant.Type: {policy.ActionUpdate,policy.ActionDelete,policy.ActionWorkspaceStop},`
	`333`	`+rbac.ResourceWorkspace.Type: {policy.ActionUpdate,policy.ActionDelete,policy.ActionWorkspaceStart,policy.ActionWorkspaceStop,policy.ActionSSH},`
	`334`	`+rbac.ResourceWorkspaceProxy.Type: {policy.ActionCreate,policy.ActionUpdate,policy.ActionDelete},`
	`335`	`+rbac.ResourceDeploymentConfig.Type: {policy.ActionCreate,policy.ActionUpdate,policy.ActionDelete},`
	`336`	`+rbac.ResourceNotificationMessage.Type: {policy.ActionCreate,policy.ActionRead,policy.ActionUpdate,policy.ActionDelete},`
	`337`	`+rbac.ResourceNotificationPreference.Type: {policy.ActionCreate,policy.ActionUpdate,policy.ActionDelete},`
	`338`	`+rbac.ResourceNotificationTemplate.Type: {policy.ActionCreate,policy.ActionUpdate,policy.ActionDelete},`
	`339`	`+rbac.ResourceCryptoKey.Type: {policy.ActionCreate,policy.ActionUpdate,policy.ActionDelete},`
`339`	`340`	`}),`
`340`	`341`	`Org:map[string][]rbac.Permission{},`
`341`	`342`	`User: []rbac.Permission{},`

`‎coderd/notifications/push/push.go‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -135,7 +135,7 @@ func (n *Notifier) Dispatch(ctx context.Context, userID uuid.UUID, notification`
`135`	`135`
`136`	`136`	`iflen(cleanupSubscriptions)>0 {`
`137`	`137`	`// nolint:gocritic // These are known to be invalid subscriptions.`
`138`		`-err=n.store.DeleteNotificationPushSubscriptions(dbauthz.AsSystemRestricted(ctx),cleanupSubscriptions)`
	`138`	`+err=n.store.DeleteNotificationPushSubscriptions(dbauthz.AsNotifier(ctx),cleanupSubscriptions)`
`139`	`139`	`iferr!=nil {`
`140`	`140`	`n.log.Error(ctx,"failed to delete stale push subscriptions",slog.Error(err))`
`141`	`141`	`}`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitfc20adb

File tree

3 files changed

3 files changed

`‎coderd/coderdtest/coderdtest.go‎`

`‎coderd/database/dbauthz/dbauthz.go‎`

`‎coderd/notifications/push/push.go‎`

0 commit comments